medieja
Verified User
Automated deployment with Bitbucket Pipelines & DirectAdmin
Hi all,
At the moment my deployment proces for a web project basically looks like:
This has a few disadvantages:
Every user / client / project has to have SSH access.
I think this is far from ideal. I like to limit this to two users maximum (admin included).
I use Gulp to generate my assets.
So this leaves me with a few options. I could install NodeJS, NPM etc. on my server and generate the assets after pulling in the changes from the repository. Or I could ignore the best practices and just commit my locally generated assets to the repository and I would be fine too. Or, and this is what I'm doing now, I upload my locally generated assets via (S)FTP to the project's (user's) folder. As you can see, all these options are far from ideal.
Bitbucket Pipelines
In my search for a better solution I have been looking into deploying with Bitbucket Pipelines. So far I have a running deployment script which generates my assets nicely. From that point I want to deploy my assets with Rsync (over SSH) to my server. Since I'm running Nginx with PHP-FPM on my server and every user owns its own files this would mean that I still need to give every user SSH access in order to preserve the proper ownership. Or, I could SSH with the admin account and chown the files to the right user after deployment. From my point of view this is also far from ideal as I don't want my admin account to have SSH access with the key pair generated at Bitbucket.
I'm thinking about creating some kind of a deployment user (with lesser rights then the admin account) that has SSH access and has access to the user's public_html folders.
Hi all,
At the moment my deployment proces for a web project basically looks like:
- Developing my project locally on a Vagrant box
- Commit and push my changes to Bitbucket
- Initialize the git repository in the user directory of that particular project
- Login over SSH as that user
- Pull & checkout my changes from there
- Transfer assets to project folder
This has a few disadvantages:
Every user / client / project has to have SSH access.
I think this is far from ideal. I like to limit this to two users maximum (admin included).
I use Gulp to generate my assets.
So this leaves me with a few options. I could install NodeJS, NPM etc. on my server and generate the assets after pulling in the changes from the repository. Or I could ignore the best practices and just commit my locally generated assets to the repository and I would be fine too. Or, and this is what I'm doing now, I upload my locally generated assets via (S)FTP to the project's (user's) folder. As you can see, all these options are far from ideal.
Bitbucket Pipelines
In my search for a better solution I have been looking into deploying with Bitbucket Pipelines. So far I have a running deployment script which generates my assets nicely. From that point I want to deploy my assets with Rsync (over SSH) to my server. Since I'm running Nginx with PHP-FPM on my server and every user owns its own files this would mean that I still need to give every user SSH access in order to preserve the proper ownership. Or, I could SSH with the admin account and chown the files to the right user after deployment. From my point of view this is also far from ideal as I don't want my admin account to have SSH access with the key pair generated at Bitbucket.
I'm thinking about creating some kind of a deployment user (with lesser rights then the admin account) that has SSH access and has access to the user's public_html folders.
- Is this a safe solution?
- How would that work exactly? Do I need to add the deployment user to every user's group that exists?
Last edited:
